dependabot-common 0.118.4 → 0.118.10

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 845830fad18e1ab13ddd0595967f4b92e669ba13c45f4a682bad0591cb7864d0
4
- data.tar.gz: 3ded0bc265a44c5d15492a7dbe51f323d99232ff752c12e261f6e094d6912d28
3
+ metadata.gz: 6bf00c49b6a7615783788e0edc1d0325e3dd945460626e38f9512b026a340e79
4
+ data.tar.gz: ca87c4a1ef3c2f02136eb5c7bb3784c41818a64dfadd184d4008afa8518a8635
5
5
  SHA512:
6
- metadata.gz: ca234ac529c0ae36d5fd0283bf3b4e30d5d6a63e1fb544a7cf60d471065619cd8e45a53095b2af1e7d8ef5df200f667770887210d58f79595812234080f8470a
7
- data.tar.gz: c25caa46c1ffd80d407471e6027907a31b63868c3c04476c1f3659b90f754e1c30ff82b6c5e79ca447430b99b4a0bbaa187492b04284670901257957fe6da05c
6
+ metadata.gz: 699aeb3bb3638e7e478dd54e84cc926227cf664db0c010b76dd7cd2db7edc7b5d0dd4d6b17ee956ef42502911de5a84456537a6a899529b61983d4ce84976ade
7
+ data.tar.gz: 9e4db06775ac8ed1f5c43bc200706b26add29716bf2fcf961503be58f9ae24289532635527deca020752f7b106117b0d8b4816fa8f2720df0082569bb8397481
@@ -47,7 +47,6 @@ module Dependabot
47
47
 
48
48
  attr_reader :url, :credentials
49
49
 
50
- # rubocop:disable Metrics/CyclomaticComplexity
51
50
  # rubocop:disable Metrics/PerceivedComplexity
52
51
  def fetch_upload_pack_for(uri)
53
52
  response = fetch_raw_upload_pack_for(uri)
@@ -79,7 +78,6 @@ module Dependabot
79
78
 
80
79
  raise Dependabot::GitDependenciesNotReachable, [uri]
81
80
  end
82
- # rubocop:enable Metrics/CyclomaticComplexity
83
81
  # rubocop:enable Metrics/PerceivedComplexity
84
82
 
85
83
  def fetch_raw_upload_pack_for(uri)
@@ -76,7 +76,6 @@ module Dependabot
76
76
 
77
77
  private
78
78
 
79
- # rubocop:disable Metrics/CyclomaticComplexity
80
79
  # rubocop:disable Metrics/PerceivedComplexity
81
80
  def changelog
82
81
  return unless changelog_from_suggested_url || source
@@ -98,7 +97,6 @@ module Dependabot
98
97
  # Fall back to the changelog (or nil) from the default branch
99
98
  default_branch_changelog
100
99
  end
101
- # rubocop:enable Metrics/CyclomaticComplexity
102
100
  # rubocop:enable Metrics/PerceivedComplexity
103
101
 
104
102
  def changelog_from_suggested_url
@@ -89,21 +89,9 @@ module Dependabot
89
89
  @automerge_candidate
90
90
  end
91
91
 
92
- # rubocop:disable Metrics/PerceivedComplexity
93
92
  def update_type
94
93
  return unless dependencies.any?(&:previous_version)
95
94
 
96
- precision = dependencies.map do |dep|
97
- new_version_parts = version(dep).split(".")
98
- old_version_parts = previous_version(dep)&.split(".") || []
99
- all_parts = new_version_parts.first(3) + old_version_parts.first(3)
100
- next 0 unless all_parts.all? { |part| part.to_i.to_s == part }
101
- next 1 if new_version_parts[0] != old_version_parts[0]
102
- next 2 if new_version_parts[1] != old_version_parts[1]
103
-
104
- 3
105
- end.min
106
-
107
95
  case precision
108
96
  when 0 then "non-semver"
109
97
  when 1 then "major"
@@ -112,7 +100,18 @@ module Dependabot
112
100
  end
113
101
  end
114
102
 
115
- # rubocop:enable Metrics/PerceivedComplexity
103
+ def precision
104
+ dependencies.map do |dep|
105
+ new_version_parts = version(dep).split(/[.+]/)
106
+ old_version_parts = previous_version(dep)&.split(/[.+]/) || []
107
+ all_parts = new_version_parts.first(3) + old_version_parts.first(3)
108
+ next 0 unless all_parts.all? { |part| part.to_i.to_s == part }
109
+ next 1 if new_version_parts[0] != old_version_parts[0]
110
+ next 2 if new_version_parts[1] != old_version_parts[1]
111
+
112
+ 3
113
+ end.min
114
+ end
116
115
 
117
116
  def version(dep)
118
117
  return dep.version if version_class.correct?(dep.version)
@@ -192,8 +191,10 @@ module Dependabot
192
191
  !security_label.nil?
193
192
  end
194
193
 
194
+ # Find the exact match first and then fallback to * security* label
195
195
  def security_label
196
- labels.find { |l| l.match?(/security/i) }
196
+ labels.find { |l| l == DEFAULT_SECURITY_LABEL } ||
197
+ labels.find { |l| l.match?(/security/i) }
197
198
  end
198
199
 
199
200
  def label_update_type?
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Dependabot
4
- VERSION = "0.118.4"
4
+ VERSION = "0.118.10"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.118.4
4
+ version: 0.118.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-19 00:00:00.000000000 Z
11
+ date: 2020-08-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-codecommit
@@ -104,28 +104,28 @@ dependencies:
104
104
  requirements:
105
105
  - - "~>"
106
106
  - !ruby/object:Gem::Version
107
- version: '0.66'
107
+ version: '0.75'
108
108
  type: :runtime
109
109
  prerelease: false
110
110
  version_requirements: !ruby/object:Gem::Requirement
111
111
  requirements:
112
112
  - - "~>"
113
113
  - !ruby/object:Gem::Version
114
- version: '0.66'
114
+ version: '0.75'
115
115
  - !ruby/object:Gem::Dependency
116
116
  name: gitlab
117
117
  requirement: !ruby/object:Gem::Requirement
118
118
  requirements:
119
119
  - - '='
120
120
  - !ruby/object:Gem::Version
121
- version: 4.15.0
121
+ version: 4.16.1
122
122
  type: :runtime
123
123
  prerelease: false
124
124
  version_requirements: !ruby/object:Gem::Requirement
125
125
  requirements:
126
126
  - - '='
127
127
  - !ruby/object:Gem::Version
128
- version: 4.15.0
128
+ version: 4.16.1
129
129
  - !ruby/object:Gem::Dependency
130
130
  name: nokogiri
131
131
  requirement: !ruby/object:Gem::Requirement
@@ -286,34 +286,20 @@ dependencies:
286
286
  - - "~>"
287
287
  - !ruby/object:Gem::Version
288
288
  version: '1.2'
289
- - !ruby/object:Gem::Dependency
290
- name: rspec_junit_formatter
291
- requirement: !ruby/object:Gem::Requirement
292
- requirements:
293
- - - "~>"
294
- - !ruby/object:Gem::Version
295
- version: '0.4'
296
- type: :development
297
- prerelease: false
298
- version_requirements: !ruby/object:Gem::Requirement
299
- requirements:
300
- - - "~>"
301
- - !ruby/object:Gem::Version
302
- version: '0.4'
303
289
  - !ruby/object:Gem::Dependency
304
290
  name: rubocop
305
291
  requirement: !ruby/object:Gem::Requirement
306
292
  requirements:
307
293
  - - "~>"
308
294
  - !ruby/object:Gem::Version
309
- version: 0.85.0
295
+ version: 0.88.0
310
296
  type: :development
311
297
  prerelease: false
312
298
  version_requirements: !ruby/object:Gem::Requirement
313
299
  requirements:
314
300
  - - "~>"
315
301
  - !ruby/object:Gem::Version
316
- version: 0.85.0
302
+ version: 0.88.0
317
303
  - !ruby/object:Gem::Dependency
318
304
  name: vcr
319
305
  requirement: !ruby/object:Gem::Requirement
@@ -422,7 +408,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
422
408
  - !ruby/object:Gem::Version
423
409
  version: 2.7.3
424
410
  requirements: []
425
- rubygems_version: 3.0.3
411
+ rubygems_version: 3.1.2
426
412
  signing_key:
427
413
  specification_version: 4
428
414
  summary: Shared code used between Dependabot package managers